How to prevent Tomcat from creating separate sessions for domain.com and www.domain.com?

Question

How to prevent Tomcat from creating separate sessions for domain.com and www.domain.com?

Our web application is deployed on Tomcat. If users visit http://domain.com and http://www.domain.com , they will receive two different JSESSIONID cookies and thus two separate sessions, one for the .com domain and one for www.domain.com . This causes all kinds of problems if they start to do something in a session on www.domain.com, and then they are redirected to the .com domain.

Is there a way to make Tomcat just use the same JSESSIONID for domain.com and www.domain.com?

+4

tomcat

Zach Dec 16 '10 at 17:04

source share

1 answer

mindas · Answer 1 · 2010-12-17T11:37:15+0000

You can try using mod_rewrite and redirect all domain.com users to www.domain.com.

If your Tomcat is not behind Apache, you can always write a simple servlet filter to do the same.

Also, look here: https://serverfault.com/questions/93995/configuring-apache-tomcat-mod-jk-and-mod-rewrite-to-serve-up-tomcat-from-top-le

How to prevent Tomcat from creating separate sessions for domain.com and www.domain.com?

More articles: